| Filename | Apple's own Encryption Mechanism allows hacker to create an Undetectable Mac OS X Malware |
| Permission | rw-r--r-- |
| Author | Unknown |
| Date and Time | 10/08/2013 |
| Label | Cyber News |
| Action |
Ethical Hacking Institute in Pune
./Arizona Team
In the past, there was a general belief that Macs were much more secure than Windows PCs, but now Mac malware is a serious threat to the security of users’ computers and information.
One of the reasons behind the increase in Mac related Malware attacks is the fact that Apple products are popular with many prominent businessmen and influential politicians.
Daniel Pistelli, Reverse Engineer and lead developer of Cerbero Profiler, former developer of IDA Pro comes up with another interesting research, and explained the basic details behind the technique he used to create an undetectable malware for Mac OS X
Apple implements internally an encryption mechanism to protect some of their own executable like "Dock.app" or "Finder.app". This encryption can be applied to malware as well. If one does, anti-malware solutions can no longer detect the malware because of the encryption, but OS X has no problem loading such malware.
This same protection mechanism can be used on existing malwares that are already detected by Anti-malware products, to make them completely undetectable. Those same anti-malware products can no longer detect the malware because they don't understand it's encrypted.
Currently, it’s true that there are fewer malware programs that are targeting Mac OS X versus Windows. However, that doesn’t mean that Macs are totally secure.
To mitigate this problem Daniel suggests Anti-Malware product makers to either support the actual decryption , alternatively, to trust encrypted executables only when signed by Apple.
The events of recent years have led many users to question just how secure Mac really is.
www.arizonainfotech.com
CEH CHFI ECSA ENSA CCNA CCNA SECURITY MCITP RHCE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune
./Arizona Team
In the past, there was a general belief that Macs were much more secure than Windows PCs, but now Mac malware is a serious threat to the security of users’ computers and information.
One of the reasons behind the increase in Mac related Malware attacks is the fact that Apple products are popular with many prominent businessmen and influential politicians.
Daniel Pistelli, Reverse Engineer and lead developer of Cerbero Profiler, former developer of IDA Pro comes up with another interesting research, and explained the basic details behind the technique he used to create an undetectable malware for Mac OS X
Apple implements internally an encryption mechanism to protect some of their own executable like "Dock.app" or "Finder.app". This encryption can be applied to malware as well. If one does, anti-malware solutions can no longer detect the malware because of the encryption, but OS X has no problem loading such malware.
This same protection mechanism can be used on existing malwares that are already detected by Anti-malware products, to make them completely undetectable. Those same anti-malware products can no longer detect the malware because they don't understand it's encrypted.
Currently, it’s true that there are fewer malware programs that are targeting Mac OS X versus Windows. However, that doesn’t mean that Macs are totally secure.
To mitigate this problem Daniel suggests Anti-Malware product makers to either support the actual decryption , alternatively, to trust encrypted executables only when signed by Apple.
The events of recent years have led many users to question just how secure Mac really is.
www.arizonainfotech.com
CEH CHFI ECSA ENSA CCNA CCNA SECURITY MCITP RHCE CLOUD ANDROID IPHONE NETWORKING HARDWARE TRAINING INSTITUTE IN PUNE, Certified Ethical Hacking, IT Security Training Information Security Traning Courses in Pune, ceh certification in pune, Ethical Hacking Course in Pune